News & Analysis as of May 5, 2025

Data Protection

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

FAR Council Proposes Compliance with NIST SP 800-171 for Non-Defense Contractors

Holland & Knight LLP on 2/20/2025

Earlier this year, the FAR Council issued a proposed rule to implement the Controlled Unclassified Information (CUI) Program as it relates to federal contracts. The proposed rule is "just one element of a larger strategy to...more

Client Alert: FAR Council Issues Long-Awaited Proposed Rule to Implement Controlled Unclassified Information Program

Jenner & Block on 1/22/2025

On January 15, 2025, the Department of Defense (DOD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) (collectively, “the FAR Council”) issued a long-anticipated proposed...more

After a Short 15-Year Wait, the Government Finally Tries to Define What the Heck Controlled Unclassified Information (CUI)...

Kilpatrick on 1/17/2025

Over the last two decades, federal contractors have been frustrated by the Government’s hodgepodge approach to regulating Controlled Unclassified Information (CUI). Various agencies have implemented differing definitions,...more

They Did It. They Really Did It! The Arrival of the FAR CUI Proposed Rule

McCarter & English Blog: Government Contracts... on 1/17/2025

After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more

Governmental Practice Cybersecurity and Data Protection: 2024 Recap & 2025 Forecast Alert

Sheppard Mullin Richter & Hampton LLP on 1/8/2025

To kick off the New Year (and as is now tradition, since we put out a similar Recap & Forecast last year), Sheppard Mullin’s Governmental Practice Cybersecurity & Data Protection Team has prepared a cybersecurity-focused 2024...more

Federal Cybersecurity Requirements Ought Not Be Ignored by Contractors

Troutman Pepper Locke on 10/9/2024

Since 2016, the federal government has implemented numerous procurement regulations and associated contract clauses to address cybersecurity by requiring contractors to adopt various controls and standards to protect...more

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

Bass, Berry & Sims PLC on 5/9/2024

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

The FY 2024 National Defense Authorization Act: What Government Contractors Should Know

Perkins Coie on 12/27/2023

The Fiscal Year 2024 National Defense Authorization Act (NDAA) includes numerous provisions relevant to government contractors in areas such as artificial intelligence (AI), cybersecurity, supply chain concerns related to...more

Penn State University Hit With False Claims Act Suit for Alleged Cyber Security Deficiencies

Alston & Bird on 9/26/2023

On September 1, 2023, the U.S. District Court for the Eastern District of Pennsylvania unsealed a qui tam False Claims Act (“FCA”) lawsuit (originally filed on October 5, 2022) alleging Penn State University failed to provide...more

Recent Cyber-Related False Claims Act Activity Signals Contractors and Universities Should Examine Their Cybersecurity Practices...

Sheppard Mullin Richter & Hampton LLP on 9/12/2023

In recent weeks, there has been an uptick in news of cyber-related False Claims Act (“FCA”) activity. For example, on September 1, 2023, the court unsealed a qui tam lawsuit against Penn State University relating to...more

DoD to Contracting Officers: Demand Compliance and Seek Consequences for Material Breaches of Cybersecurity Requirements by...

Wilson Sonsini Goodrich & Rosati on 8/9/2022

On June 16, 2022, the Department of Defense (DoD) issued a memorandum to its contracting officers emphasizing their obligation to monitor compliance by DoD contractors with the cybersecurity requirements of their contracts....more

DOD Suspends CMMC Version 1.0 and Charts a New Course With “CMMC 2.0”

Wiley Rein LLP on 11/8/2021

WHAT: On November 4, 2021, the U.S. Department of Defense (DOD) announced the completion of a months-long internal review and significant changes to the strategic direction of its Cybersecurity Maturity Model Certification...more

Department of Justice to Prioritize Cybersecurity Fraud through New Civil Cyber-Fraud Initiative

Blank Rome LLP on 10/26/2021

On October 6, 2021, the U.S. Department of Justice (“DOJ”) announced a new Civil Cyber-Fraud Initiative to pursue cybersecurity fraud matters using the enforcement mechanisms of the False Claims Act (“FCA”). This...more

DOJ Launches “Civil Cyber Fraud Initiative” to Use the False Claims Act to Address Cybersecurity-Related Conduct

WilmerHale on 10/14/2021

The US Department of Justice (DOJ) recently announced plans to use the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors, subcontractors and grant recipients, including for providing...more

DOJ’s Civil Cyber-Fraud Initiative Highlights False Claims Act Cybersecurity Risks for Government Contractors

Perkins Coie on 10/12/2021

On October 6, 2021, the U.S. Department of Justice (DOJ) announced an initiative to pursue civil False Claims Act (FCA) enforcement actions against government contractors that knowingly fail to follow required cybersecurity...more

A Sea Change in Handling of Government Contractor Cyber Incident Reporting?

Stinson - Government Contracting Matters on 10/8/2021

In the wake of increasing cybersecurity threats and incidents, the U.S. Department of Defense (DoD) amended its Federal Acquisition Regulation Supplement (DFARS) in 2015 to issue the 252.204-7012, Safeguarding Covered Defense...more

President Biden's Executive Order to Improve Cybersecurity Issued

King & Spalding on 5/19/2021

On May 12, 2021, President Joe Biden issued a wide ranging Executive Order “On Improving the Nation’s Cybersecurity,” which was in the works after the SolarWinds cyberattack and arrived soon after a ransomware attack on the...more

Government Contracts Cyber Café: 2019 Wrap Up and Privacy, CMMC, and GRC in 2020

Troutman Pepper Locke on 1/14/2020

The Government Contracts Cyber Café provides coaching, training and analysis to help you work through the technical, legal, accounting and other requirements confronting your organization, with the goal of helping you achieve...more

Navy-Marine Corps Issue Supplement to DFARS Cybersecurity Rule

Stinson - Government Contracting Matters on 10/11/2019

In the face of increasing concern over the security of Navy and Marine Corps (Navy) programs, the Navy Marine Corps Acquisition Regulation Supplement (NMCARS) was updated on September 6, 2019 to incorporate significant...more

ADG Insights | NIST set to "enhance" contractor cybersecurity duties

Hogan Lovells on 10/7/2019

Through ADG Insights, we share with you the top legal and political issues affecting the aerospace, defense, and government services (ADG) industry. Our ADG industry team monitors the latest developments to help our clients...more

Vulnerable Systems: Contractor Protection of Controlled Unclassified Information at Risk

Bass, Berry & Sims PLC on 8/7/2019

The Department of Defense (DoD) Inspector General recently issued a report summarizing the findings of an audit into the protection of Controlled Unclassified Information (CUI) on contractor networks. Based on an in-depth...more

Department of Defense Sets Course on Cybersecurity Evaluation and Enforcement

PilieroMazza PLLC on 7/18/2019

On a limited budget, government contractors need to be compliant with a litany of statutes, regulations, and industry standards in order to remain competitive in the marketplace. This has become particularly true in the...more

Never Stop Never Stopping: Defense Department Quietly Unveils Proposed Cybersecurity Capability Model Certification Standards And...

McCarter & English Blog: Government Contracts... on 6/26/2019

Cybersecurity. It’s never over, is it? In what can only be described as a “soft” release, the Department of Defense (DoD) has slowly and quietly begun to reveal its intent to provide federal contractors with formal...more

Government Contracts Cyber Café Series: An Inside Look at DFARS Compliance Data

Troutman Pepper Locke on 6/11/2019

Listen to the fifth installment of our 2019 webinar series covering the top issues in government contracts and cybersecurity — all in just 45 minutes. The Government Contracts Cyber Café provides coaching, training and...more

DOD and Other Agencies Seek to Enhance Contractors’ Cyber and Supply Chain Security

Akin Gump Strauss Hauer & Feld LLP on 12/20/2018

The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors...more

53 Results

View per page

Page: of 3

Cybersecurity › DFARS › Data Protection

"My best business intelligence, in one easy email…"